The service being decentralized doesn’t really do anything about privacy, I’d even imagine it being harder to implement privacy controls on decentralized services.
Also the potential privacy “gains” from VPN rely on the fact that there’s very large number of users using that service, making it harder to connect the dots. This basically means that self-hosting it for privacy is a bad idea, though it always depends on your threat model.
Lemmy is decentralized, FOSS and can be self-hosted, but it’s absolutely not even near “privacy-first” design besides allowing pseudonymous sign-up.
Now thundermail promises some level of privacy, but we’re yet to see much. Are the mailbox databases encrypted with customer owned keys, and mailflow logs not collected? That’d be my first question to determine if they’re truly privacy-first.
Anything not selfhosted and/or decentralized, including VPNs, is, by design, not 100% privacy-first.
The service being decentralized doesn’t really do anything about privacy, I’d even imagine it being harder to implement privacy controls on decentralized services.
Also the potential privacy “gains” from VPN rely on the fact that there’s very large number of users using that service, making it harder to connect the dots. This basically means that self-hosting it for privacy is a bad idea, though it always depends on your threat model.
Lemmy is decentralized, FOSS and can be self-hosted, but it’s absolutely not even near “privacy-first” design besides allowing pseudonymous sign-up.
Now thundermail promises some level of privacy, but we’re yet to see much. Are the mailbox databases encrypted with customer owned keys, and mailflow logs not collected? That’d be my first question to determine if they’re truly privacy-first.